The Headlines

Editor’s picks of the highlights from the past week.

Hard Multi-Tenancy in Kubernetes (
Jessie Frazelle, Microsoft

Kubernetes is the new kernel. This means a lot of great things for users trying to deploy applications, but also leads to a lot of the same challenges we have already faced with operating system kernels. One of which is privilege isolation, or multi-tenancy in Kubernetes. This post dives into “hard multi-tenancy” where multiple tenants in the same cluster should not have access to anything from other tenants.

A Local Kubernetes with microk8s (
Marco Ceppi, The Silph Road

Microk8s is designed to be a fast and lightweight upstream Kubernetes install isolated from your host but not via a virtual machine. This article walks through how to get started with microk8s to produce a clean deploy of the latest upstream Kubernetes on your local machine with little hassle or overhead.

Building Container Images Securely on Kubernetes (
Mustafa Akine, OpsGenie

Cloud Native is a new approach to build and run applications that can leverage the cloud computing delivery model. A critical aspect of the modern development is Continuous Integration and Continuous Delivery. This blog post introduces the most promising CI and CD tools in the Cloud-Native landscape or in other words, pipeline tooling.
New Webinar: Linkerd Service Mesh in Production: Houghton Mifflin Harcourt

Robert Allen – Director of Engineering, Houghton Mifflin Harcourt
May 29 @ 10:00 am – 11:00 am PDT

The Technical

Tutorials, tools, and more that take you on a deep dive into the code.

Gardener – The Kubernetes Botanist (
Rafael Franzke & Vasu Chandrasekhara, SAP

Kubernetes best practices: terminating with grace (
Sandeep Dinesh, Google

PVC Operator; Creating Persistent Volume on Kubernetes made simple (
Balint Molnar, BanzaiCloud

Using nginx-ingress controller to restrict access by IP (ip whitelisting) for a service deployed to a Kubernetes (AKS) cluster (
Maninderjit Bindra, Microsoft

The whales practice floating on the water. Day 4: Kubernetes on the Raspberry Pi (
James Shieh, efacani

Kubernetes: The Hard Way, Vagrant (
Ken Fukuyama, supersoftware

Kubernetes: Day One (
Jonathan Campos, Bottle Rocket

What You Yaml is What You Get (
Tobias Bradtke, Giant Swarm

Kubernetes Chaos Engineering: Lessons Learned — Part 1 (
Daniele Polencic, learnk8s

The Editorial

Articles, announcements, and more that give you a high-level overview of challenges and features.

CNCF To Host Telepresence in the Sandbox (
Kristen Evans, CNCF

Google Kubernetes Engine 1.10 is generally available and ready for the enterprise (
Yoshi Tamura, GKE

Is K8s too complicated? (
Jason Moiron, Datadog

Introducing Shared VPC for Google Kubernetes Engine (
Manjot Pahwa, Google

Introducing KubeSquash: Remotely Debug your Kubernetes Pods (
Idit Levine, Gloo

Introducing Escalator, the Atlassian-developed auto-scaling tool for Kubernetes (
Corey Johnson, Atlassian

Voyage across the Clouds with Kubernetes (
Heather Young, &Yet

Making Kubernetes work for the average engineer—via PaaS (
Matt Asay, InfoWorld

Why Did Kubernetes Win? (
Ryan Dawson, Alfresco

Kubernetes for the Spring Developer (
Meaghan Kjelland, Google


KubeWeekly is curated by ** Ryan Quackenbush (
and ** Kaitlyn Barnard (